Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1246
Views
5
Helpful
1
Replies

ASA 5510 (ver 8.2) to ASA 5516-X (ver 9.6) Migration

Go to solution
Sai
Level 1
Level 1

‎11-19-2017 10:28 PM - edited ‎02-21-2020 06:47 AM

Dear Experts, 


I am planning to ASA hardware migration from ASA 5510 (ver 8.2) to ASA5516-X (ver 9.6).

I would like to get your help/advise for my migration.

 

1) what is the best way of this migration fro 5510 ver 8.2 to ASA5516-X (ver 9.6)

2) Is there any better tools for NAT and ACL? 

3) Is there any chart or link of different versions of NAT and ACL setup CLI command?, so that I can compare my current config to modify for new ver.

4) kindly provide your advise for this migration.

 

Thank you so much in advance.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎11-19-2017 10:50 PM

The first step is to clean up and review your existing configuration. Make sure you understand what you have and what's necessary.

 

I have used the tools at tunnelsup.com to good end in doing both the cleanup and NAT conversion. I find their NAT conversion cleaner and more reliable than what's built into the parser that runs when doing an inline upgrade (something you don't have available since you are moving between platforms).

 

Your 5516-X will have different interface numbering than the 5510 so you will have a bit of work to do in changing the configuration to take that into account. There's not an easy shortcut for that as an end user.

 

if you're a partner or working with one, Cisco has an internal migration tool that can be used to prepare the new configuration offline. It's not a 100% substitute for a qualified and informed firewall engineer / admin but it is helpful for the larger configurations with lots of lines.

View solution in original post

1 Reply 1

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎11-19-2017 10:50 PM

The first step is to clean up and review your existing configuration. Make sure you understand what you have and what's necessary.

 

I have used the tools at tunnelsup.com to good end in doing both the cleanup and NAT conversion. I find their NAT conversion cleaner and more reliable than what's built into the parser that runs when doing an inline upgrade (something you don't have available since you are moving between platforms).

 

Your 5516-X will have different interface numbering than the 5510 so you will have a bit of work to do in changing the configuration to take that into account. There's not an easy shortcut for that as an end user.

 

if you're a partner or working with one, Cisco has an internal migration tool that can be used to prepare the new configuration offline. It's not a 100% substitute for a qualified and informed firewall engineer / admin but it is helpful for the larger configurations with lots of lines.

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card